Recherche dans le site/ Search this Blog:


Owning a Windows Network; A Practical Approach Imprimer
Écrit par pegr   

Listen up, folks. I am about to share with you a practical way to own any corporate Windows network. Before you bitch, first let me tell you that I won't tell you anything you don't already know or is anything other than obvious. That said, this approach works 85-90% of the time. It is time tested. It works. I've done it many times. And if you try this outside of legitimate network vulnerability testing, I hope you go to prison for a long time. That said, on with the show...

Mis à jour / Last updated ( samedi, 15 décembre 2007 22:44 )
Lire la suite /
How to blacklist or block a call based on callerID in FreePBX and Asterisk Imprimer
Écrit par Alain Côté   

You can blacklist or block calls in FreePBX based on the callerID of the person that is calling you. By default, the caller will hear a message telling him that the number he is calling (e.g. your number) has been disconnected. Pretty useful to handle former boyfriends or telemarketers that call you too often ;-) !

Mis à jour / Last updated ( mercredi, 26 mars 2008 23:53 )
Lire la suite /
How to reject anonymous calls with FreePBX and Asterisk, user is prompted to enter his number Imprimer
Écrit par Alain Côté   

FreePBX has an option to let you reject anonymous calls. If somebody calls without sending a callerID (anonymous call) he will be automatically redirected to a voice message asking him to enter his callerID manually so the call will be routed to you if it is somebody that you know calling from a pay phone or any other phone that doesn't support callerID.

Mis à jour / Last updated ( samedi, 15 décembre 2007 20:11 )
Lire la suite /
Dummy MX (mail exchangers, incoming mail servers) trick to reduce spam Imprimer

Here is a quick trick to further reduce the amount of spam we are getting. Domains usually have MX (mail exchangers, or incoming mail servers) records in their DNS configuration. Here is our DNS configuration for the OC9.COM domain :

Mis à jour / Last updated ( samedi, 15 décembre 2007 20:03 )
Lire la suite /
Receiving and sending faxes with asterisk 1.4, NVFaxDetect, iaxmodem and hylafax Imprimer

UPDATE: Changes to mutex usage in Asterisk 1.4.23 cause NVFax to cease to compile properly, see below for updated files that compile with

We have bridged our HylaFax server with our Asterisk server in order to be able to send and receive faxes over VOIP phone lines and to eliminate dedicated PSTN phone lines hooked up directly to modems on our HylaFax server. A lot of documentation floating around on the internet states that VOIP phone lines are not really suited to send/receive faxes. We have found out that it mostly depend on the providers you are using and on your network connectivity quality.

Mis à jour / Last updated ( vendredi, 06 mars 2009 00:31 )
Lire la suite /
Problem connecting to samba server (smbd) share after upgrading to samba 3.0.27 fixed Imprimer

We have an old SMB share server accessible only from our LAN mostly for testing purposes. We had tried to upgrade it to a recent secure version of samba before without success; we couldn't connect to the server anymore after the update forcing us to downgrade. Since we only connect internally to that test server, fixing this problem wasn't on our priority list but it had to be solved eventually, so here it is:

Mis à jour / Last updated ( samedi, 15 décembre 2007 20:03 )
Lire la suite /
Asterisk - Intermittent beep with linksys SPA 3102, PAP2, DTMF sounds heard during conversation Imprimer

We had users reporting hearing DTMF sounds during a conversation. We have solved the problem by switching DTMF mode to INBAND in the SPA 3102 config, in the PAP2 config and into Asterisk/FreePBX configuration.

Mis à jour / Last updated ( mercredi, 26 mars 2008 23:54 )
Lire la suite /
Using apache as a reverse-proxy with mod_proxy and vmware to replicate a secure large corporation environment Imprimer

Apache logo

In this article, we will review how to set up a secure and efficient environment. Logically, it is comparable to the setups used in large corporations like banks, governments, military, insurance companies etc. We will do this using a single computer with 4GB RAM, apache mod_proxy in reverse proxy mode and the freely available vmware-server. All products used in this setup are either open-source or available for free. The hardware cost of such a system should be around 1300$. There is no software cost.

  • Dual core computer ~800$
  • 4 GB RAM ~280$
  • 2 X 200 GB hard drive in raid 1 (mirroring mode total space avail: 200GB) ~240$
  • Total : 1360$


Mis à jour / Last updated ( samedi, 15 décembre 2007 21:39 )
Lire la suite /
Stratum 1 myth, use closer server network wise instead ! Imprimer

There is a myth that prevails in the ntp community; it is better to connect to low stratum (e.g. stratum 1) servers in order to get more precise time. This is false quite often. Reasons to connect to busy stratum 1 server like the US Naval Observatory ones we hear are :

  • It is more reliable
  • It gives more accurate time, it's the USNO!
  • I distribute time to many clients so I feel OK to connect to many stratum 1 servers
  • Worse, some connect to many stratum 1 servers because they figure that by doing an average, ntpd will keep more precise time !

In fact, it is more important to connect to close by servers network wise that do the same than to connect to stratum 1 servers to keep your clock as accurate as possible.

Mis à jour / Last updated ( jeudi, 07 novembre 2013 22:43 )
Lire la suite /
FreePBX Upgrade.PHP Remote File Include Vulnerability Imprimer

Some hacker(s) tried to exploit a vulnerability in FreePBX 2.1 to get into our systems. It has never been possible to use thatLogo FreePBX exploit to get into our systems but we though that we should write about it anyway so other systems which might be vulnerable will get that security hole patched.

Below is our web logs which registered the intrusion attempts.

It is interesting to note that the following IPs and web sites are either implicated in the attacks or controlled by the attacker(s).

Mis à jour / Last updated ( samedi, 15 décembre 2007 20:00 )
Lire la suite /
« Début/StartPréc/Previous1234Suivant/NextFin/End »

Page 3 de 4

Consultez TOUS nos fils d'actualité ici. / View ALL our newsfeed here.